CN108495309A - Method, electronic equipment and the storage medium of information processing - Google Patents

Method, electronic equipment and the storage medium of information processing Download PDF

Info

Publication number
CN108495309A
CN108495309A CN201810117435.2A CN201810117435A CN108495309A CN 108495309 A CN108495309 A CN 108495309A CN 201810117435 A CN201810117435 A CN 201810117435A CN 108495309 A CN108495309 A CN 108495309A
Authority
CN
China
Prior art keywords
client
key information
information
key
dynamic
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810117435.2A
Other languages
Chinese (zh)
Other versions
CN108495309B (en
Inventor
罗生
蒲天豪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
MIGU Culture Technology Co Ltd
Original Assignee
China Mobile Communications Group Co Ltd
MIGU Culture Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd, MIGU Culture Technology Co Ltd filed Critical China Mobile Communications Group Co Ltd
Priority to CN201810117435.2A priority Critical patent/CN108495309B/en
Publication of CN108495309A publication Critical patent/CN108495309A/en
Application granted granted Critical
Publication of CN108495309B publication Critical patent/CN108495309B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]

Abstract

The invention discloses a kind of method of information processing, the method includes:Obtain the first key information for calculating dynamic key;The dynamic key is generated according to the fixed key information of the first key information and client;Wherein, the fixed key information is the distribution of client-side management platform, and the fixed key information of different clients is different;The information interacted is encrypted or decrypted using the dynamic key.The invention also discloses a kind of electronic equipment and storage medium.

Description

Method, electronic equipment and the storage medium of information processing
Technical field
The present invention relates to the information processing technology in field of mobile terminals, more particularly to a kind of method of information processing, electricity Sub- equipment and storage medium.
Background technology
Cybertimes people carry out various activities in a network at present, and various information are in network in network transmission process In it is disclosed and be easy to be acquired, it is all acceptable that some public informations are got by anyone, but right In the information that some carry secret property, we then need to be protected accordingly, and encryption technology is then to solve the problems, such as this at this time Effective means.
Currently cipher mode common in network transmission process includes:With logical for the hypertext transfer protocol of target safely Road (Hyper Text Transfer Protocol over Secure Socket Layer, HTTPS) encryption technology and client Hold encryption technology.However, these cipher modes cannot be guaranteed the safe transmission of information.
Invention content
To solve existing technical problem, the embodiment of the present invention mainly provides a kind of method of information processing, equipment And storage medium, it can solve the problems, such as that information is unable to safe transmission.
What the technical solution of the embodiment of the present invention was realized in:
An embodiment of the present invention provides a kind of method of information processing, the method includes:
Obtain the first key information for calculating dynamic key;
The dynamic key is generated according to the fixed key information of the first key information and client;Wherein, described Fixed key information is the distribution of client-side management platform, and the fixed key information of different clients is different;
The information interacted is encrypted or decrypted using the dynamic key.
In above-mentioned technical proposal, the method further includes:
Receive the fixed key information that the client-side management land period is sent.
It is described according to described in the generation of the fixed key information of the first key information and client in above-mentioned technical proposal Dynamic key, including:
It carries out the first key information and the fixed key information to obscure operation, the character string after being obscured;
Hash processing is carried out to the character string, generates the dynamic key.
It is described to carry out the first key information and the fixed key information to obscure operation in above-mentioned technical proposal, Character string after being obscured, including:
The first key information and the fixed key information are subjected to step-by-step and operation, generate the character after obscuring String.
In above-mentioned technical proposal,
The client is to be formed according to the type of service of application, wherein different types of service corresponds to different visitors Family end.
In above-mentioned technical proposal,
If the method is applied to be equipped in the terminal of the client, the obtained for calculating dynamic key One key information, including:
The first key information for calculating dynamic key is received from server.
In above-mentioned technical proposal,
If the method is applied in the server for providing service to the client, the acquisition is close for calculating dynamic The first key information of key, including:
It is local to read the first key information for calculating dynamic key.
The embodiment of the present invention additionally provides a kind of method of information processing, the method includes:
According to the type of service of application, client corresponding with the type of service of the application is generated;
Fixed key information is distributed for the client, wherein the fixed key information of each client is different;
The fixed key information of the client is sent to server and the terminal of the client is installed;Wherein, The first key information that the fixed key information is used to provide with server generates dynamic key;Wherein, the dynamic is close Key, the information encryption for being interacted to the server and the client or decryption.
In above-mentioned technical proposal, the method further includes:
Periodically it is that the client distributes fixed key information.
In above-mentioned technical proposal, the method further includes:
Receive the risk report that risk control system is sent;
When the risk report shows the client there are abnormal behaviour, new consolidate is distributed to there is abnormal client Determine key information;
The new fixed key information is sent to abnormal client and server.
The embodiment of the present invention additionally provides a kind of electronic equipment, and the electronic equipment is terminal or server, the electronics Equipment includes:
Acquisition module, for obtaining the first key information for calculating dynamic key;
Generation module, it is close for generating the dynamic according to the fixed key information of the first key information and client Key;Wherein, the fixed key information is the distribution of client-side management platform, and the fixed key information of different clients is different;
Encryption Decryption module, for the information interacted to be encrypted or decrypted using the dynamic key.
The embodiment of the present invention additionally provides a kind of electronic equipment, and the equipment includes:
Client generation module generates corresponding with the type of service of the application for the type of service according to application Client;
Distribution module, for distributing fixed key information for the client, wherein the fixed key letter of each client Breath is different;
Sending module, for the fixed key information of the client to be sent to server and is equipped with the client Terminal;Wherein, the first key information that the fixed key information is used to provide with server generates dynamic key;Wherein, The dynamic key, the information encryption for being interacted to the server and the client or decryption.
The embodiment of the present invention additionally provides a kind of electronic equipment, including:Processor and for store can be on a processor The memory of the computer program of operation,
The step of processor is for when running the computer program, executing the above method.
The embodiment of the present invention additionally provides a kind of computer readable storage medium, is stored thereon with computer program, the meter The step of above method is realized when calculation machine program is executed by processor.
The method for the information processing that the embodiment of the present invention is provided can be distributed by client-side management platform for client Different fixed key information, and then can ensure that the content operation of the same type of service of application corresponds to a client. When information is encrypted or decrypted, the first key information for calculating dynamic key can be obtained, using first key information and admittedly Determine key information and generates dynamic key.When client and server transmit information, it is interaction that can use the dynamic key Information encryption or decryption.
On the one hand, due to different clients have different dynamic key, thereby may be ensured that server with client When communication, different clients correspond to different dynamic key, even if the dynamic key of a client is cracked, other service class The key of the corresponding client of type or safety, and then can ensure the safe transmission of information to the maximum extent.
On the other hand, since dynamic key is generated based on fixed key information and first key information, even if fixed One of key information or first key information are cracked, and final dynamic key will not be cracked.And first key is believed Breath can be by server dynamic generation, even if dynamic key is cracked during current sessions, and the dynamic key of next session can be with It changes, to ensure the safety of information in next session.
Description of the drawings
Fig. 1 is the basic procedure schematic diagram of an information processing method provided in an embodiment of the present invention;
Fig. 2 is the basic procedure schematic diagram of an information processing method provided in an embodiment of the present invention;
Fig. 3 is the idiographic flow schematic diagram of an information processing method provided in an embodiment of the present invention;
Fig. 4 is the flow diagram of client generation method provided in an embodiment of the present invention;
Fig. 5 is the structural schematic diagram of a terminal provided in an embodiment of the present invention;
Fig. 6 is the structural schematic diagram of a server provided in an embodiment of the present invention;
Fig. 7 is the structural schematic diagram of an electronic equipment provided in an embodiment of the present invention;
Fig. 8 is the structural schematic diagram of an information processing system provided in an embodiment of the present invention;
Fig. 9 is the structural schematic diagram of an electronic equipment provided in an embodiment of the present invention;
Figure 10 is the structural schematic diagram of an electronic equipment provided in an embodiment of the present invention.
Specific implementation mode
A kind of information processing method of offer of the embodiment of the present invention is by using fixed key and dynamic key to client It is encrypted or decrypts with the information of server transport, be ciphertext to make the information in network transmission all, it is ensured that information It can not Direct Recognition being acquired in network transmission process.If the letter only transmitted between browser and network service Encryption for information is can not to ensure the safety of information before being transmitted, once information before being transmitted once be acquired and distort, that Information is just no longer safe.If the information of transmission be encrypted in data processing stage, obtained in any transmission stage The data got are ciphertext data.But since the encrypted secret key of client is fixed, the meeting once encryption data is cracked Cause encrypted secret key to be revealed, then can also have safety problem using other encrypted data of the client, in turn results in big Measure information leakage.In the embodiment of the present invention, client-side management platform can be according to the type of service of application, for the same of the application A client is arranged in the content operation that one business carries out, and then different clients can apply different type of service phases from this It is corresponding.Client-side management platform can be that each client distributes corresponding fixed key information, and then can ensure each visitor The fixed key information at family end is different.After client terminal start-up, first key information can be obtained from server, recycle first Key information and the fixed key information of itself generate dynamic key.Meanwhile server can be obtained from client-side management platform The fixed key information of the client is generated using the first key information of the client and the fixed key information of the client Dynamic key.When the client and server transmit information, which is the letter transmitted using dynamic key with server Encryption for information and decryption.
The type of service can be divided according to operation contents such as the function of application, attribute or objects, for example, some The operation contents such as the game charater of application or equipment store, can be divided into the different service types of the application.
The basic procedure of the information processing method provided in the embodiment of the present invention is as shown in Figure 1, may comprise steps of:
Step 101, the first key information for calculating dynamic key is obtained;
Step 102, the dynamic key is generated according to the fixed key information of the first key information and client;Its In, the fixed key information is the distribution of client-side management platform, and the fixed key information of different clients is different;
Step 103, the information interacted is encrypted or decrypted using the dynamic key.
Described information processing method can be applied in the terminal for being equipped with the client, or apply to the visitor Family end is provided in the server of service.
Client in the embodiment of the present invention is client corresponding with the type of service of application, different service types Operation content corresponds to different clients.For example, when a certain application increases equipment this type of service of store, client-side management is flat Platform can be that corresponding webpage client is arranged in equipment store.This way it is possible to avoid all operable contents are all corresponding in One client, so as to increase the privacy of operable content.
When the method is applied to be equipped in the terminal of the client, before the step 101, the method Further include:When the client terminal start-up, session request is sent to server.It, should after being specifically loaded such as a certain client User end to server sends session request, to establish the session connection with server.
In a step 101, when the method is applied to be equipped in the terminal of the client, the acquisition is based on The first key information of dynamic key is calculated, including:The first key information for calculating dynamic key is received from server. Wherein, the first key information can be the key information that server distributes to each client.
It is described to obtain for calculating dynamic when the method is applied to provide in the server of service to the client The first key information of key, including:It is local to read the first key information for calculating dynamic key.Here, described First key information can be the key information that server local generates.
Specifically such as, when a certain client is loaded, which sends session request.Server receives institute After stating session request, the first key information of the client is distributed in locally reading, and first key information is sent to The client.Here key information can be key (KEY) value, and server can be in local random generation KEY values.It is incited somebody to action in server After first key information distributes to corresponding client, the corresponding pass between the first key information of distribution and client is recorded System.
In a step 102, described that described move is generated according to the fixed key information of the first key information and client State key can be the client or server by utilizing preset rules to the first key information and fixed key information into Row processing, generates the dynamic key information.The preset rules can be the data processing methods such as preset algorithm.
The fixed key information according to the first key information and client, generating the dynamic key can wrap It includes:It carries out the first key information and the fixed key information to obscure operation, the character string after being obscured;To described Character string carries out Hash processing, generates the dynamic key.For example, bit manipulation can be utilized the first key information and institute It states fixed key information to be obscured, the bit manipulation can be step-by-step and operation, step-by-step or operation or xor operation etc..Institute It states and Hash processing is carried out to the character string, can be to carry out that the processing of salt Hash, described plus salt Hash is added to calculate to the character string Method can be HMAC-SHA1.
When the bit manipulation be step-by-step with operation when, it is described by the first key information and the fixed key information into Row obscures operation, and the character string after being obscured may include:The first key information and the fixed key information are carried out Step-by-step and operation, generate the character string after obscuring.
It should be noted that be only a citing to generating dynamic key mode here, it can basis in practical operation The demand of specific encryption scene selects suitable dynamic key production mode.
The fixed key information can be the key information that client-side management platform is distributed when generating the client. The fixed key information of different clients is different.Client-side management platform can carry out client according to the type of service of application Management, for example, increasing client, reducing client or distributing fixed key information for client.Client is receiving client After the fixed key information of end pipe platform distribution, fixed key information is stored.
Optionally, the client receives the fixed key information that the client-side management land period is sent.It is described The period of update fixed key information can be arranged in client-side management platform, and fixed key information is redistributed with again for client Reinforce the client;Again similarity can be less than certain threshold value between the information that the client reinforced is transmitted, such as Similarity is less than 30%.And then can ensure that the dynamic key that different clients use is different, it improves in information interactive process Safety.
Correspondingly, server can obtain institute in the session request for receiving client from the client-side management platform State the fixed key information of client.And then the fixed key information of the client and first key information can be utilized to generate The dynamic key.
In step 103, the letter that dynamic key encryption or decryption interact described in the client or server by utilizing Breath.When the client and the server carry out information exchange, it is interactive that can use the dynamic key information generated Information is encrypted or decryption.In this way, when carrying out information exchange, each client can use the dynamic different from other clients Key is the information encryption or decryption interacted with server, even if the dynamic key of a certain client is cracked, will not be influenced The information security of other clients;And the fixed key information for generating dynamic key can periodically update, and then do not interfere with this The safety of client session next time, so as to improve the safety of information transmission.
The embodiment of the present invention additionally provides a kind of information processing method, basic procedure such as Fig. 2 of described information processing method It is shown, include the following steps:
Step 201, according to the type of service of application, client corresponding with the type of service of the application is generated;
Step 202, it is that the client distributes fixed key information, wherein the fixed key information of each client is not Together;
Step 203, the fixed key information of the client is sent to server and the end of the client is installed End;Wherein, the first key information that the fixed key information is used to provide with server generates dynamic key;Wherein, described Dynamic key, the information encryption for being interacted to the server and the client or decryption.
The information processing method that the embodiment of the present invention is provided can be applied in client-side management platform, the step 201 can be, client-side management platform generates client corresponding with the type of service of the application according to the type of service of application End.
The type of service can be divided according to operation contents such as the function of application, attribute or objects, as some is answered The operation contents such as game charater or equipment store, can be divided into the different service types of the application.For example, client's end pipe Platform such as equips this business of store when detecting that a certain application increases new business, and client-side management platform can be dress Corresponding webpage client is arranged in standby store.This way it is possible to avoid all operable contents all correspond to a client in, So as to increase the privacy of operable content.
In step 202, the client-side management platform is that the client distributes fixed key information.Here, described Client-side management platform can be randomly assigned fixed key information, and the fixed key information of each client is different.It is solid in distribution When determining key information, client-side management platform can also record the correspondence between fixed key information and each client, In this way, when server obtains the fixed key information for obtaining a certain client to client-side management platform, client-side management is flat Fixed key information corresponding with the client can be sent to by platform according to the correspondence of fixed key information and client Server.
Optionally, the client-side management platform can periodically be that the client distributes fixed key information.It is described The period of update fixed key information can be arranged in client-side management platform, and fixed key information is redistributed with again for client Reinforce the client;Again similarity can be less than certain threshold value between the information that the client reinforced is transmitted, such as Similarity is less than 30%.And then can ensure that the dynamic key that different clients use is different, it improves in information interactive process Safety.
Correspondingly, the client-side management platform can believe newer fixed key after updating fixed key information Breath is sent to server, so that server can utilize updated fixed key information to generate dynamic key, and then makes service Device is the information encryption or decryption interacted with client using correct dynamic key.
Optionally, the client-side management platform can also receive the risk report of risk control system transmission;When described When risk report shows the client there are abnormal behaviour, the client to have abnormal distributes new fixed key information;It will The new fixed key information is sent to abnormal client and server.The client-side management platform can also be in risk When report shows the client there are abnormal behaviour, the client there are abnormal behaviour is updated.
In order to better ensure that safety of the information in transmission process, risk control system can be established to the client Behavior be monitored.When risk control system detects that certain client, can be to client's end pipe there are when abnormal behaviour Platform sends risk report.The abnormal behaviour may include:In the case of without permission, find there is the number distorted According to;Alternatively, a certain operation of client is excessively frequent;Alternatively, the function of client can not be used.When client's end pipe Platform receives when showing the client there are abnormal behaviour, and client-side management platform can be the presence of abnormal client weight New distribution fixed key information ensures the safety of information so as to there is abnormal client and server update dynamic key.
In step 203, the fixed key information of the client can be sent to server by client-side management platform With the terminal for being equipped with the client.The first key information life that the fixed key information can be used for providing with server At dynamic key;The information encryption or solution that the dynamic key can be used for interacting the server and the client It is close.
Fig. 3 is the idiographic flow schematic diagram of information processing method provided in an embodiment of the present invention.Described information processing method It may comprise steps of:
Step 310, client-side management platform generates multiple client according to the type of service of application, and is each client Distribute fixed key information.
The process of client generation method can be as shown in Figure 4, it may include following steps:
When step 311, using new operable content is increased, it can be added in client-side management platform in newly-increased operation Hold;
Step 312, client-side management platform generates a fixed key information at random;
Step 313, client-side management combines newly-increased operation content using the fixed key information generated, generates one only It can be used for increasing newly the client of operation content.
For example, when increasing one or more articles for sale when application increases a certain function or in store, it can be according to newly-increased Operable content adds corresponding webpage client for the operable content.In this way, just can avoid all operable contents all Using same client, and then promote the privacy of operation content.
Step 314, by the client synchronization of generation to applying, with for users to use.
To improve information security, client-side management platform can periodically be that client sends fixed key information.
Step 320, after client is loaded, the user end to server sends session request, is obtained from server First key information.
Here, the first key information can be the key information that server generates at random according to session request, such as KEY values.
Step 330, client generates dynamic key according to the fixed key information of the first key information and itself.
Client carries out obscuring operation to the fixation key information of itself with the KEY values obtained from server, then to mixed Character string after confusing carries out plus salt hashing operation, using obtained cryptographic Hash as dynamic secret key.
Step 340, server obtains the fixed key of client from client-side management platform, is believed using the first key Breath and fixed key information generate dynamic key.
Here, server generate the dynamic key mode can with client generate the mode of dynamic key it is identical, Which is not described herein again.
Step 350, client and server carries out information exchange using the dynamic key.
For client and server when being transmitted into row information, it is that the information transmitted is encrypted that can use the dynamic key generated Or decryption.
In embodiments of the present invention, different clients can correspond to the different service types of application, and different clients have There is different fixation key informations.Higher safety is had based on the dynamic key that fixed key information generates in this way, is not allowed It is easily cracked, even if the dynamic secret key of a certain client is cracked, the communication security of other clients will not be influenced.
It, can also be in time in the embodiment of the present invention when reaching preset period of time or when finding to have abnormal client Client and fixed key information are updated, since each user loads client when using client, user can make in time With the client of safety.Even if the dynamic secret key of client is cracked, the communication of same client other users will not be influenced Safety and the communication security of user session next time.
The embodiment of the present invention additionally provides a kind of terminal, and the terminal composed structure is as shown in figure 5, include:
Acquisition module 501, for obtaining the first key information for calculating dynamic key;
Generation module 502, it is described dynamic for being generated according to the fixed key information of the first key information and client State key;Wherein, the fixed key information is the distribution of client-side management platform, and the fixed key information of different clients is not Together;
Encryption Decryption module 503, for the information interacted to be encrypted or decrypted using the dynamic key.
Wherein, the client is to be formed according to the type of service of application, wherein different types of service corresponds to different Client.
The client-side management platform can be according to the type of service of application, in the same business progress of the application Hold one client of operation setting, and then different clients can be corresponding using different types of service from this.Client's end pipe Platform can be that each client distributes corresponding fixed key information, and then can ensure the fixed key of each client Information is different.The acquisition module 501 receives the first key information for calculating dynamic key from server;And then it is raw First key information and the fixed key information of itself can be utilized to generate dynamic key at module 502.When the client and clothes When device transmission information of being engaged in, the Encryption Decryption module 503 is the information encryption or decryption transmitted using dynamic key.
The Encryption Decryption module 503 is specifically used for carrying out the first key information and the fixed key information Obscure operation, the character string after being obscured;Hash processing is carried out to the character string, generates the dynamic key.It is described right The character string carries out Hash processing, can be to carry out adding the processing of salt Hash to the character string, described plus salt hash algorithm can Think HMAC-SHA1.
The Encryption Decryption module 503 is specifically used for carrying out the first key information and the fixed key information Step-by-step and operation, generate the character string after obscuring.Here step-by-step can also replace with step-by-step or operation or exclusive or with operation The operations such as operation.
Further, the acquisition module 501 is additionally operable to receive the fixation that the client-side management land period is sent Key information.In this way, generation module 502 can periodically generate dynamic key, 503 timing of Encryption Decryption module is set to use different Dynamic key be information encrypt or decrypt.In this way, even if the dynamic key of a certain client is cracked, other will not be influenced The information security of client, to improve the safety of information.
The embodiment of the present invention additionally provides a kind of server, and the composed structure of the server is as shown in fig. 6, include:
Acquisition module 601, for obtaining the first key information for calculating dynamic key;
Generation module 602, it is described dynamic for being generated according to the fixed key information of the first key information and client State key;Wherein, the fixed key information is the distribution of client-side management platform, and the fixed key information of different clients is not Together;
Encryption Decryption module 603, for the information interacted to be encrypted or decrypted using the dynamic key.
Wherein, the client is to be formed according to the type of service of application, wherein different types of service corresponds to different Client.
The client-side management platform can be according to the type of service of application, in the same business progress of the application Hold one client of operation setting, and then different clients can be corresponding using different types of service from this.Client's end pipe Platform can be that each client distributes corresponding fixed key information, and then can ensure the fixed key of each client Information is different.The acquisition module 601 reads the first key information for calculating dynamic key from local;And then it generates Module 602 can utilize first key information and the fixed key information of itself to generate dynamic key.When the client and service When device transmits information, the Encryption Decryption module 603 is the information encryption or decryption transmitted using dynamic key.
The Encryption Decryption module 603 is specifically used for carrying out the first key information and the fixed key information Obscure operation, the character string after being obscured;Hash processing is carried out to the character string, generates the dynamic key.It is described right The character string carries out Hash processing, can be to carry out adding the processing of salt Hash to the character string, described plus salt hash algorithm can Think HMAC-SHA1.
The Encryption Decryption module 603 is specifically used for carrying out the first key information and the fixed key information Step-by-step and operation, generate the character string after obscuring.Here step-by-step can also replace with step-by-step or operation or exclusive or with operation The operations such as operation.
Further, the acquisition module 601 is additionally operable to receive the fixation that the client-side management land period is sent Key information.In this way, generation module 602 can periodically generate dynamic key, 603 timing of Encryption Decryption module is set to use different Dynamic key be information encrypt or decrypt.In this way, even if the dynamic key of a certain client is cracked, other will not be influenced The information security of client, to improve the safety of information.
The embodiment of the present invention additionally provides a kind of electronic equipment, and the composed structure of the electronic equipment is as shown in fig. 7, packet It includes:
Client generation module 701 generates corresponding with the type of service of the application for the type of service according to application Client;
Distribution module 702, for distributing fixed key information for the client, wherein the fixation of each client is close Key information is different;
Sending module 703, for the fixed key information of the client to be sent to server and is equipped with the visitor The terminal at family end;Wherein, the first key information that the fixed key information is used to provide with server generates dynamic key; Wherein, the dynamic key, the information encryption for being interacted to the server and the client or decryption.
The type of service can be divided according to operation contents such as the function of application, attribute or objects, as some is answered The operation contents such as game charater or equipment store, can be divided into the different service types of the application.This way it is possible to avoid All operable contents all correspond to a client in, so as to increase the privacy of operable content.
The distribution module 702 is additionally operable to periodically be that the client distributes fixed key information.In this way, even if certain The dynamic key of one client is cracked, and will not influence the information security of other clients, to improve the safety of information.
The encryption device further includes:Receiving module 704, the risk report for receiving risk control system transmission;Institute Distribution module 702 is stated, is additionally operable to when the risk report shows the client there are abnormal behaviour, for the client for having abnormal New fixed key information is distributed at end;The sending module 703 is additionally operable to the new fixed key information being sent to exception Client and server.
Optionally, the encryption device further includes:Client update module 705 shows to deposit for working as the risk report In the client of abnormal behaviour, the client that there is exception is updated.It is deposited in this way, receiving display in receiving module 704 In the client of abnormal behaviour, client update module 705 can also timely update client.Since each user is using Client is loaded when client, user can timely use safe client.Even if the dynamic secret key of client is cracked The communication security of same client other users and the communication security of user session next time are not interfered with.
The embodiment of the present invention additionally provides a kind of information processing system, and the composed structure of the system is as shown in figure 8, packet It includes:Terminal 801, server 802, client-side management platform 803.
The terminal 801, is equipped with client, for receiving for calculating dynamic key from the server 802 One key information generates the dynamic key according to the fixed key information of the first key information and client, utilizes institute State the information that dynamic key encryption or decryption interact.
The server 802, for sending the first key information for calculating dynamic key, root to the terminal 801 The dynamic key is generated according to the fixed key information of the first key information and client, is encrypted using the dynamic key Or the information that decryption interacts.
The client-side management platform 803 generates the type of service with the application for the type of service according to application Corresponding client;Fixed key information is distributed for the client, wherein the fixed key information of each client is different; The fixed key information of the client is sent to server and the terminal of the client is installed.
Further, the terminal 801 or server 802 are additionally operable to receive the client-side management land period hair The fixed key information sent.
The terminal 801 or server 802, be specifically used for by the first key information and the fixed key information into Row obscures operation, the character string after being obscured;Hash processing is carried out to the character string, generates the dynamic key.
The terminal 801 or server 802, be specifically used for by the first key information and the fixed key information into Row step-by-step and operation, generate the character string after obscuring.
The client-side management platform 803, it is the client to be additionally operable to periodically send to the terminal and server Distribute fixed key information.
Optionally, the system also includes:Risk control system 804, the behavior for monitoring the client, works as detection The client sends risk report there are when abnormal behaviour to the client-side management platform 803.
The client-side management platform 803 is additionally operable to receive the risk report that the risk control system is sent;When described When risk report shows the client there are abnormal behaviour, the client to have abnormal distributes new fixed key information;It will The new fixed key information is sent to abnormal client and server.
Specifically, client-side management platform 803 generates multiple client according to the type of service of application, and is each client End distribution fixed key information, and the fixed key information is sent to the terminal and server for being equipped with the client. After client is loaded, the terminal 801 for installing the client sends session request to server 802, is obtained from server 802 Take first key information.Here, the first key information can be that server is believed according to the key that session request generates at random Breath, such as KEY values.
Terminal 801 to the fixation key information of client with obtain the first key information that 801 take from server and obscure Then operation carries out the character string after obscuring adding salt hashing operation, using obtained cryptographic Hash as dynamic secret key.Correspondingly, Server 802 can utilize the fixed key information of the first key information and client, generate dynamic key.Client kimonos Device be engaged in when being transmitted into row information, it is the information encryption or decryption transmitted that can use the dynamic key generated.
In embodiments of the present invention, different clients can correspond to the different service types of application, and different clients have There is different fixation key informations.Higher safety is had based on the dynamic key that fixed key information generates in this way, is not allowed It is easily cracked, even if the dynamic secret key of a certain client is cracked, the communication security of other clients will not be influenced.
In order to better ensure that safety of the information in transmission process, row of the risk control system 804 to the client To be monitored.When risk control system 804 detects that certain client, can be to the client-side management there are when abnormal behaviour Platform 803 sends risk report.Client-side management platform 803 receives when showing the client there are abnormal behaviour, Ke Yiwei Fixed key information is redistributed in the presence of abnormal client, so as to there is abnormal client and server update dynamic key, Ensure the safety of information.Since each user loads client when using client, user can timely use safe visitor Family end.Even if the dynamic secret key of client is cracked, the communication security of same client other users will not be influenced and be somebody's turn to do The communication security of user's session next time.
The embodiment of the present invention additionally provides a kind of electronic equipment, and the composed structure of the electronic equipment is as shown in figure 9, packet It includes:Processor 901 and memory 902 for storing the computer program that can be run on a processor,
The step of processor 901 is for when running the computer program, executing following methods:
Obtain the first key information for calculating dynamic key;
The dynamic key is generated according to the fixed key information of the first key information and client;Wherein, described Fixed key information is the distribution of client-side management platform, and the fixed key information of different clients is different;
The information interacted is encrypted or decrypted using the dynamic key.
The processor 901 is also executed when running the computer program:
Receive the fixed key information that the client-side management land period is sent.
The processor 901 is also executed when running the computer program:
It carries out the first key information and the fixed key information to obscure operation, the character string after being obscured; Hash processing is carried out to the character string, generates the dynamic key.
The processor 901 is also executed when running the computer program:
The first key information and the fixed key information are subjected to step-by-step and operation, generate the character after obscuring String.
Wherein, the client is to be formed according to the type of service of application, wherein different types of service corresponds to different Client.
When the processor 901, which is located at, to be equipped in the terminal of the client, the processor 901 is described in operation When computer program, also execute:
The first key information for calculating dynamic key is received from server.
When the processor 901, which is located at, to be provided in the server of service to the client, the processor 901 is being transported When the row computer program, also execute:
It is local to read the first key information for calculating dynamic key.
The embodiment of the present invention additionally provides a kind of storage medium, is stored thereon with computer program, by by based on described Calculation machine program at least can perform the step of following methods:
Obtain the first key information for calculating dynamic key;
The dynamic key is generated according to the fixed key information of the first key information and client;Wherein, described Fixed key information is the distribution of client-side management platform, and the fixed key information of different clients is different;
The information interacted is encrypted or decrypted using the dynamic key.
When the computer program is run by processor, also execute:
Receive the fixed key information that the client-side management land period is sent.
When the computer program is run by processor, also execute:
It carries out the first key information and the fixed key information to obscure operation, the character string after being obscured; Hash processing is carried out to the character string, generates the dynamic key.
When the computer program is run by processor, also execute:
The first key information and the fixed key information are subjected to step-by-step and operation, generate the character after obscuring String.
When the computer program is run by processor, also execute:
The first key information for calculating dynamic key is received from server.
When the computer program is run by processor, also execute:
Read the first key information for calculating dynamic key.
The embodiment of the present invention additionally provides a kind of electronic equipment, and the composed structure of the electronic equipment is as shown in Figure 10, packet It includes:Processor 1001 and memory 1002 for storing the computer program that can be run on a processor,
The step of processor 1001 is for when running the computer program, executing following methods:
According to the type of service of application, client corresponding with the type of service of the application is generated;
Fixed key information is distributed for the client, wherein the fixed key information of each client is different;
The fixed key information of the client is sent to server and the terminal of the client is installed;Wherein, The first key information that the fixed key information is used to provide with server generates dynamic key;Wherein, the dynamic is close Key, the information encryption for being interacted to the server and the client or decryption.
The processor 1001 is also executed when running the computer program:
Periodically it is that the client distributes fixed key information.
The processor 1001 is also executed when running the computer program:
Receive the risk report that risk control system is sent;
When the risk report shows the client there are abnormal behaviour, new consolidate is distributed to there is abnormal client Determine key information;
The new fixed key information is sent to abnormal client and server.
The embodiment of the present invention additionally provides a kind of storage medium, is stored thereon with computer program, by by based on described Calculation machine program at least can perform the step of following methods:
According to the type of service of application, client corresponding with the type of service of the application is generated;
Fixed key information is distributed for the client, wherein the fixed key information of each client is different;
The fixed key information of the client is sent to server and the terminal of the client is installed;Wherein, The first key information that the fixed key information is used to provide with server generates dynamic key;Wherein, the dynamic is close Key, the information encryption for being interacted to the server and the client or decryption.
When the computer program is run by processor, also execute:
Periodically it is that the client distributes fixed key information.
When the computer program is run by processor, also execute:
Receive the risk report that risk control system is sent;
When the risk report shows the client there are abnormal behaviour, new consolidate is distributed to there is abnormal client Determine key information;
The new fixed key information is sent to abnormal client and server.
It is understood that the processor in the embodiment of the present invention may be a kind of IC chip, with signal Processing capacity.During realization, each step of the above method can by the integrated logic circuit of the hardware in processor or The instruction of person's software form is completed.Above-mentioned processor can be general processor, digital signal processor (DSP, Digital Signal Processor) either other programmable logic device, discrete gate or transistor logic, discrete hardware group Part etc..Processor may be implemented or execute disclosed each method, step and logic diagram in the embodiment of the present invention.General place It can be microprocessor or any conventional processor etc. to manage device.The step of method in conjunction with disclosed in the embodiment of the present invention, Hardware decoding processor can be embodied directly in and execute completion, or in decoding processor hardware and software module combination hold Row is completed.Software module can be located in storage medium, which is located at memory, and processor reads the letter in memory Breath, in conjunction with the step of its hardware completion preceding method.
Memory in the embodiment of the present invention can be volatile memory or nonvolatile memory, may also comprise volatile Both property and nonvolatile memory.Wherein, nonvolatile memory can be read-only memory (Read Only Memory, ROM), programmable read only memory (Programmable Read-Only Memory, PROM), erasable programmable is read-only deposits Reservoir (Erasable Programmable Read-Only Memory, EPROM), electrically erasable programmable read-only memory (Electrically Erasable Programmable Read-Only Memory, EEPROM), magnetic random access store Device (ferromagnetic random access memory, FRAM), flash memory (Flash Memory), magnetic surface are deposited Reservoir, CD or CD-ROM (Compact Disc Read-Only, Memory CD-ROM);Magnetic surface storage can be Magnetic disk storage or magnetic tape storage.Volatile memory can be random access memory (Random Access Memory, RAM), it is used as External Cache.By exemplary but be not restricted explanation, the RAM of many forms is available, such as static Random access memory (Static Random Access Memory, SRAM), synchronous static RAM (Synchronous Static Random Access Memory, SSRAM), dynamic random access memory (Dynamic Random Access Memory, DRAM), Synchronous Dynamic Random Access Memory (Synchronous Dynamic Random Access Memory, SDRAM), double data speed synchronous dynamic RAM (Double Data Rate Synchronous Dynamic Random Access Memory, DDRSDRAM), enhanced synchronous dynamic random-access storage Device (Enhanced Synchronous Dynamic Random Access Memory, ESDRAM), synchronized links dynamic random Access memory (SyncLink Dynamic Random Access Memory, SLDRAM), direct rambus arbitrary access Memory (Direct Rambus Random Access Memory, DRRAM).The memory of description of the embodiment of the present invention is intended to The including but not limited to memory of these and any other suitable type.
The foregoing is only a preferred embodiment of the present invention, is not intended to limit the scope of the present invention.

Claims (14)

1. a kind of information processing method, which is characterized in that the method includes:
Obtain the first key information for calculating dynamic key;
The dynamic key is generated according to the fixed key information of the first key information and client;Wherein, the fixation Key information is the distribution of client-side management platform, and the fixed key information of different clients is different;
The information interacted is encrypted or decrypted using the dynamic key.
2. according to the method described in claim 1, it is characterized in that, the method further includes:
Receive the fixed key information that the client-side management land period is sent.
3. according to the method described in claim 1, it is characterized in that, the consolidating according to the first key information and client Determine key information and generates the dynamic key, including:
It carries out the first key information and the fixed key information to obscure operation, the character string after being obscured;
Hash processing is carried out to the character string, generates the dynamic key.
4. according to the method described in claim 3, it is characterized in that, described by the first key information and the fixed key Information carries out obscuring operation, the character string after being obscured, including:
The first key information and the fixed key information are subjected to step-by-step and operation, generate the character string after obscuring.
5. method according to any one of claims 1 to 4, which is characterized in that
The client is to be formed according to the type of service of application, wherein different types of service corresponds to different clients.
6. method according to any one of claims 1 to 4, which is characterized in that
If the method is applied to be equipped in the terminal of the client, the acquisition is close for calculating the first of dynamic key Key information, including:
The first key information for calculating dynamic key is received from server.
7. method according to any one of claims 1 to 4, which is characterized in that
If the method is applied in the server for providing service to the client, the acquisition is for calculating dynamic key First key information, including:
It is local to read the first key information for calculating dynamic key.
8. a kind of information processing method, which is characterized in that the method includes:
According to the type of service of application, client corresponding with the type of service of the application is generated;
Fixed key information is distributed for the client, wherein the fixed key information of each client is different;
The fixed key information of the client is sent to server and the terminal of the client is installed;Wherein, described The first key information that fixed key information is used to provide with server generates dynamic key;Wherein, the dynamic key is used In the information encryption or decryption that are interacted to the server and the client.
9. according to the method described in claim 8, it is characterized in that, the method further includes:
Periodically it is that the client distributes fixed key information.
10. according to the method described in claim 8, it is characterized in that, the method further includes:
Receive the risk report that risk control system is sent;
When the risk report shows the client there are abnormal behaviour, it is close that the client to there is exception distributes new fixation Key information;
The new fixed key information is sent to abnormal client and server.
11. a kind of electronic equipment, the electronic equipment is terminal or server, which is characterized in that the electronic equipment includes:
Acquisition module, for obtaining the first key information for calculating dynamic key;
Generation module, for generating the dynamic key according to the fixed key information of the first key information and client; Wherein, the fixed key information is the distribution of client-side management platform, and the fixed key information of different clients is different;
Encryption Decryption module, for the information interacted to be encrypted or decrypted using the dynamic key.
12. a kind of electronic equipment, which is characterized in that the equipment includes:
Client generation module generates client corresponding with the type of service of the application for the type of service according to application End;
Distribution module, for distributing fixed key information for the client, wherein the fixed key information of each client is not Together;
Sending module, for the fixed key information of the client to be sent to server and is equipped with the end of the client End;Wherein, the first key information that the fixed key information is used to provide with server generates dynamic key;Wherein, described Dynamic key, the information encryption for being interacted to the server and the client or decryption.
13. a kind of electronic equipment, which is characterized in that including:Processor and memory;Wherein,
The memory, the memory for storing the computer program that can be run on a processor,
The processor is connect with the memory, and when for running the computer program, perform claim requires 1-7 or power Profit requires the step of any one of 8 to 10 the method.
14. a kind of computer readable storage medium, is stored thereon with computer program, when which is executed by processor The step of realizing any one of claim 1-7 or claim 8 to 10 the method.
CN201810117435.2A 2018-02-06 2018-02-06 Information processing method, electronic device, and storage medium Active CN108495309B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810117435.2A CN108495309B (en) 2018-02-06 2018-02-06 Information processing method, electronic device, and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810117435.2A CN108495309B (en) 2018-02-06 2018-02-06 Information processing method, electronic device, and storage medium

Publications (2)

Publication Number Publication Date
CN108495309A true CN108495309A (en) 2018-09-04
CN108495309B CN108495309B (en) 2022-03-25

Family

ID=63344422

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810117435.2A Active CN108495309B (en) 2018-02-06 2018-02-06 Information processing method, electronic device, and storage medium

Country Status (1)

Country Link
CN (1) CN108495309B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110334528A (en) * 2019-06-04 2019-10-15 北京口袋时尚科技有限公司 Digital ID obscures method, obscures digital ID method of calibration and device
CN112564901A (en) * 2020-12-08 2021-03-26 浙江三维万易联科技有限公司 Key generation method and system, storage medium and electronic device

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1627682A (en) * 2003-12-12 2005-06-15 华为技术有限公司 Method for creating dynamic cipher at time of building connection in network transmission
CN101631305A (en) * 2009-07-28 2010-01-20 交通银行股份有限公司 Encryption method and system
CN101883108A (en) * 2010-06-29 2010-11-10 中兴通讯股份有限公司 Document transmission method and system of dynamic authentication
CN102118392A (en) * 2011-01-18 2011-07-06 南京朗睿软件科技有限公司 Encryption/decryption method and system for data transmission
US20130290733A1 (en) * 2012-04-26 2013-10-31 Appsense Limited Systems and methods for caching security information
CN104486307A (en) * 2014-12-03 2015-04-01 中国电子科技集团公司第三十研究所 Decentralized key management method based on homomorphic encryption
CN104796399A (en) * 2015-01-08 2015-07-22 北京思普崚技术有限公司 Key negotiation method of data encryption transmission
CN106850699A (en) * 2017-04-10 2017-06-13 中国工商银行股份有限公司 A kind of mobile terminal login authentication method and system
US9806888B1 (en) * 2016-07-06 2017-10-31 Shimon Gersten System and method for data protection using dynamic tokens
CN107395581A (en) * 2017-07-11 2017-11-24 上海众人网络安全技术有限公司 Quick Response Code generates and read method, device, system, equipment and storage medium
US20170366388A1 (en) * 2014-12-19 2017-12-21 Ivent Mobile B.V. Voice and text data service for mobile subscribers

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1627682A (en) * 2003-12-12 2005-06-15 华为技术有限公司 Method for creating dynamic cipher at time of building connection in network transmission
CN101631305A (en) * 2009-07-28 2010-01-20 交通银行股份有限公司 Encryption method and system
CN101883108A (en) * 2010-06-29 2010-11-10 中兴通讯股份有限公司 Document transmission method and system of dynamic authentication
CN102118392A (en) * 2011-01-18 2011-07-06 南京朗睿软件科技有限公司 Encryption/decryption method and system for data transmission
US20130290733A1 (en) * 2012-04-26 2013-10-31 Appsense Limited Systems and methods for caching security information
CN104486307A (en) * 2014-12-03 2015-04-01 中国电子科技集团公司第三十研究所 Decentralized key management method based on homomorphic encryption
US20170366388A1 (en) * 2014-12-19 2017-12-21 Ivent Mobile B.V. Voice and text data service for mobile subscribers
CN104796399A (en) * 2015-01-08 2015-07-22 北京思普崚技术有限公司 Key negotiation method of data encryption transmission
US9806888B1 (en) * 2016-07-06 2017-10-31 Shimon Gersten System and method for data protection using dynamic tokens
CN106850699A (en) * 2017-04-10 2017-06-13 中国工商银行股份有限公司 A kind of mobile terminal login authentication method and system
CN107395581A (en) * 2017-07-11 2017-11-24 上海众人网络安全技术有限公司 Quick Response Code generates and read method, device, system, equipment and storage medium

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
ZHIWEI ZHANG等: "SMART: Sponsored Mobile App RecommendaTion by Balancing App Downloads and Appstore Profit", 《2017 IEEE INTERNATIONAL CONFERENCE ON BIG DATA (BIGDATA)》 *
李晖等: "公共云存储服务数据安全及隐私保护技术综述", 《计算机研究与发展》 *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110334528A (en) * 2019-06-04 2019-10-15 北京口袋时尚科技有限公司 Digital ID obscures method, obscures digital ID method of calibration and device
CN112564901A (en) * 2020-12-08 2021-03-26 浙江三维万易联科技有限公司 Key generation method and system, storage medium and electronic device
CN112564901B (en) * 2020-12-08 2023-08-25 三维通信股份有限公司 Method and system for generating secret key, storage medium and electronic device

Also Published As

Publication number Publication date
CN108495309B (en) 2022-03-25

Similar Documents

Publication Publication Date Title
CN109033855B (en) Data transmission method and device based on block chain and storage medium
EP1942430B1 (en) Token Passing Technique for Media Playback Devices
CN102792630B (en) Systems and methods for authenticating an electronic transaction
US9852300B2 (en) Secure audit logging
CN103138939B (en) Based on the key access times management method of credible platform module under cloud memory module
US20210056541A1 (en) Method and system for mobile cryptocurrency wallet connectivity
CN103067160B (en) A kind of method and system for the dynamic key production for encrypting SD card
US7877604B2 (en) Proof of execution using random function
CN102982257A (en) Digital rights management using trusted processing techniques
CN107920052B (en) Encryption method and intelligent device
CN112565265B (en) Authentication method, authentication system and communication method between terminal devices of Internet of things
CA2714196A1 (en) Information distribution system and program for the same
CN107918731A (en) Method and apparatus for controlling the authority to access to open interface
CN110417547B (en) Secret key updating method and system for secret communication based on certificateless cryptography
CN110380859B (en) Quantum communication service station identity authentication method and system based on asymmetric key pool pair and DH protocol
CN110557248B (en) Secret key updating method and system based on signcryption of certificateless cryptography
CN109033808B (en) Game experience method and account server
US6633980B1 (en) Computing device communication with replay protection
CN106127081B (en) The open data fault-tolerant method for secure storing that can verify that
CN113111386A (en) Privacy protection method for block chain transaction data
CN108495309A (en) Method, electronic equipment and the storage medium of information processing
CN114500069A (en) Method and system for storing and sharing electronic contract
JP2002529778A (en) Incorporating shared randomness into distributed encryption
CN114154181A (en) Privacy calculation method based on distributed storage
CN106603544A (en) Data storage and cloud control method capable of lightweight auditing

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant